An administrator is attempting to deploy an NC2 cluster.
The cluster configuration is as follows:
* Name - Cluster-1
* Nodes of type i4i.metal
* Replication Factor 2
* Existing VPC resources
  * VPC - 10.0.0.0/16
  * Subnets:
    * Bare metal hosts: 10.0.1.0/24
    * User VMs: 10.0.2.0/24
    * Public: 10.0.3.0/24
During the deployment process, the administrator notices the following alert:
What should the administrator do to ensure the cluster deployment does not fail?
Answer : C
The alert indicates a potential issue with the VPC/Subnet settings, preventing the cluster nodes from contacting Nutanix services.
To resolve this, the administrator needs to ensure that the subnet 10.0.1.0/24, which is assigned for Bare metal hosts, has an outbound Internet connection.
This connection is necessary for the cluster nodes to communicate with external Nutanix services for updates, license validation, and other essential operations.
Verify that there are appropriate route tables and security group rules allowing outbound traffic to the Internet from the 10.0.1.0/24 subnet.
Ensure that there is either an Internet Gateway (IGW) attached to the VPC or a NAT Gateway configured if using private subnets.
Reference: Refer to the Nutanix documentation and AWS VPC configuration guides to ensure proper Internet connectivity and routing setups.
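One way to carry out the route-table part of the check described above, as an added example that is not from the original page or from Nutanix or AWS documentation: it reads JSON in the shape returned by `aws ec2 describe-route-tables` and reports whether a subnet's effective route table has an active default route to an Internet Gateway or NAT Gateway. The subnet, route-table and gateway IDs are constructed sample values, and the sample assumes all tables belong to one VPC; security group rules are not covered.

```python
import json

# Constructed sample in the shape of `aws ec2 describe-route-tables` output.
# All IDs are made up; the bare-metal subnet has no explicit association here.
SAMPLE = json.loads("""
{"RouteTables": [
  {"RouteTableId": "rtb-main",
   "Associations": [{"Main": true}],
   "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}]},
  {"RouteTableId": "rtb-public",
   "Associations": [{"Main": false, "SubnetId": "subnet-public"}],
   "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
              {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"}]},
  {"RouteTableId": "rtb-uvm",
   "Associations": [{"Main": false, "SubnetId": "subnet-uservm"}],
   "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example", "State": "blackhole"}]}
]}
""")


def effective_route_table(doc, subnet_id):
    """Return the table explicitly associated with the subnet, else the VPC main table."""
    main = None
    for table in doc["RouteTables"]:
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return table
            if assoc.get("Main"):
                main = table
    return main


def outbound_internet_target(doc, subnet_id):
    """Return the IGW/NAT ID behind an active 0.0.0.0/0 route, or None if there is none."""
    table = effective_route_table(doc, subnet_id)
    if table is None:
        return None
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0" or route.get("State") != "active":
            continue
        target = route.get("NatGatewayId") or route.get("GatewayId") or ""
        if target.startswith(("igw-", "nat-")):
            return target
    return None


if __name__ == "__main__":
    for subnet in ("subnet-baremetal", "subnet-uservm", "subnet-public"):
        print(subnet, "->", outbound_internet_target(SAMPLE, subnet) or "NO default route to IGW/NAT")
```

In the sample, the bare-metal subnet falls back to the main route table, which has only the local VPC route, and the user-VM subnet's default route is a blackhole, so both are reported as lacking outbound Internet access.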

An administrator needs the permissions to create and manage multiple organizations and clusters in NC2, as well as manage user access for the entire company.
What role should be assigned to meet the minimum requirements of this task?
Answer : B
The role of 'Customer Administrator' in Nutanix Cloud Integration with AWS (NC2) is designed to meet the requirements of creating and managing multiple organizations and clusters, as well as managing user access for the entire company.
Roles and Permissions:
* Customer Administrator: This role has the broadest set of permissions, allowing the user to create and manage organizations, clusters, and user access across the entire company. It encompasses administrative control over multiple aspects of the NC2 environment.
Capabilities:
* Organization Management: Ability to create and manage multiple organizations.
* Cluster Management: Full control over creating, configuring, and managing clusters.
* User Access Management: Manage user roles and permissions, ensuring that the right individuals have access to the necessary resources.
Why Not Other Roles:
* Organization Administrator: Limited to managing organizations but not clusters and user access at the company level.
* Customer Security Administrator: Focuses on security aspects, lacking broader administrative capabilities.
* Cluster Administrator: Limited to managing clusters without the ability to manage organizations and user access comprehensively.
References:
* Nutanix Cloud Clusters on AWS Administration Guide
* Nutanix Role-Based Access Control Documentation

An administrator has recently deployed an NC2 on AWS cluster in the North Virginia region in availability zone us-east-1z. The cluster's UUID is 0005F487-4962-91EA-4C98-C4284D123835.
The cluster is consuming IPs from a 10.78.2.0/24 range.
The AWS VPC has these available CIDR ranges:
* 70.73.0.0/16
* 10.79.107.0/24
* 10.0.0.0/22
The following subnets have been configured in the NC2 AWS VPC:
The following tags have been applied to a Custom Network Security Group:
The Custom Network Security Group is allowing all inbound traffic from the 10.0.0.0/22 network.
Which two subnets would be able to receive inbound traffic from AWS instances on a 10.0.0.0/22 network segment? (Choose two.)
Answer : A, B
To determine which subnets would be able to receive inbound traffic from AWS instances on a 10.0.0.0/22 network segment, we need to look at the configured subnets and their CIDR ranges, as well as the custom network security group's inbound rules.
Available CIDR ranges in VPC:
* 70.73.0.0/16
* 10.79.107.0/24
* 10.0.0.0/22
Configured Subnets in NC2 AWS VPC:
* VDI: 10.78.130.0/22
* SQL: 10.78.3.0/24
* Server01: 10.78.2.0/24
* Server02: 10.79.120.0/24
* Tier01: 10.19.101.0/24
Custom Network Security Group Inbound Rule:
* Allows all inbound traffic from 10.0.0.0/22.
Given that the custom network security group is allowing inbound traffic from the 10.0.0.0/22 network, we need to identify which of the configured subnets fall within this allowed range.
Analysis:
The subnets 10.78.130.0/22, 10.78.3.0/24, 10.78.2.0/24, 10.79.120.0/24, and 10.19.101.0/24 do not overlap with 10.0.0.0/22. Therefore, none of these subnets would naturally fall within the 10.0.0.0/22 range directly.
However, the question is about receiving inbound traffic from the 10.0.0.0/22 network under the security group rules. All subnets mentioned can technically receive traffic if the inbound rules are configured correctly, but since we are strictly asked about the configuration from the image and the overlap in the ranges:
Server01 (10.78.2.0/24) and Tier01 (10.19.101.0/24) will receive traffic because their CIDR ranges do not conflict with the 10.0.0.0/22 range, thus allowing traffic without additional restrictions.
References:
* Nutanix Clusters on AWS Administration Guide
* AWS VPC and Subnet documentation
* Network Security Group rules configuration in Nutanix documentation

An administrator needs to understand which of the services implemented on their NC2 AWS deployment will be protected with Cluster Protect.
Which service or feature is Cluster Protect able to both protect and recover its associated metadata?
Answer : B, C
Cluster Protect in an NC2 environment can protect and recover the following services and their associated metadata:
* VM Templates: Ensures that templates used for creating virtual machines are backed up and recoverable.
* Files: Protects data stored in Nutanix Files, ensuring that file services are backed up and can be restored as needed.

An administrator is deploying a new NC2 cluster on AWS and needs to ensure full connectivity is established between the company's on-premises datacenter and the AWS cloud.
Which two AWS offerings will satisfy this requirement? (Choose two.)
Answer : B, C
To establish full connectivity between the company's on-premises datacenter and the AWS cloud, the following AWS offerings will satisfy this requirement:
* AWS VPN: This service allows you to create a secure connection between your on-premises network or other remote network and your AWS VPC using an IPsec VPN tunnel. It is suitable for low to moderate bandwidth requirements and provides secure, encrypted connections.
* Direct Connect: AWS Direct Connect is a dedicated network connection from your premises to AWS. It provides a private, high-bandwidth, low-latency connection which is ideal for high-throughput applications and workloads that need consistent network performance.

An administrator has deployed an NC2 cluster on AWS to an existing environment for VDI.
Afterwards, the corporate security teams direct the administrator to reuse an existing AWS subnet, 10.79.4.0/24 that has two EC2 instances: EC2-1 (10.79.4.200) and EC2-2 (10.79.4.201). The security team indicates that this directive is to avoid overlap with the AHV IPAM.
Which two configuration actions should the administrator take to ensure there are no configuration issues? (Choose two.)
Answer : A, D
To avoid IP address conflicts and ensure there are no configuration issues when reusing an existing AWS subnet, the administrator should take the following actions:
Answer A:
aCLI > net.add_to_ip_blacklist 10.79.4.200
aCLI > net.add_to_ip_blacklist 10.79.4.201
These commands add the specified IP addresses to the blacklist, preventing AHV IPAM from assigning these addresses to any VMs. This ensures that the IPs of the existing EC2 instances, 10.79.4.200 and 10.79.4.201, are not allocated to other VMs in the NC2 cluster.
Answer D: Configure the AHV IPAM to use DHCP range 10.79.4.2 - 10.79.4.253
By configuring the AHV IPAM to use a specific DHCP range, you ensure that the IP addresses assigned to the EC2 instances (10.79.4.200 and 10.79.4.201) are not included in the DHCP pool. This prevents IP address conflicts within the subnet.
References:
* Nutanix aCLI Reference
* Nutanix NC2 on AWS Documentation

Exhibit.
An administrator is attempting, but failing, to create an NC2 cluster in AWS. The administrator checks the configuration in the NC and notices the configuration shown in the exhibit.
What action should the administrator take to resolve the issue?
Answer : B
The exhibit shows two cloud accounts, one for Azure and one for AWS, with their statuses indicated. The AWS cloud account status is marked as 'U' (which likely stands for 'Unavailable' or 'Unreachable'). This indicates that the AWS cloud account configuration is not properly connected or accessible.
Status Check:
* The AWS cloud account is marked with a 'U' status, meaning it is not active or accessible.
* This status prevents the creation of an NC2 cluster because the necessary cloud resources cannot be allocated or managed without a proper connection.
Action:
* The best course of action is to create a new cloud account in the organization. This involves setting up the cloud account details correctly and ensuring it is properly configured to communicate with Nutanix and AWS.
Steps to Create a New Cloud Account:
* Log in to the Nutanix console.
* Navigate to the 'Organizations' section.
* Select 'Add Cloud Account' and provide the required AWS credentials and permissions.
* Ensure the new cloud account is active and correctly configured.
References:
* Nutanix Cloud Clusters on AWS Administration Guide
* Nutanix Best Practices for Cloud Account Management